Confessions of the QSA: An Introduction to the Payment Card Industry Data Security Standard

 

As most in the industry know, a QSA must get certified by the PCI Security Standards Security Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance. Created in 2004 by major credit card brands, such as Visa and American Express, the council acts as a form of self-regulation.

So, how did Weaver become an expert on PCI, and what types of solutions does it offer its clients?

On this episode of Weaver: Beyond The Numbers, host Tyler Kern talked with Trip Hillman, Director of Cyber Security Services at Weaver, and Kyle Morris, Manager of IT at Advisory Services at Weaver. The trio dug into insights from Weaver’s Quality Security Assessor and explored how Weaver dove headfirst into PCI.

The PCI DSS applies to organizations that store, process, transmit or could affect the security of cardholder data. Companies that fall under this standard could do a variety of things, such as an annual self-assessment questionnaire, or bring in a third-party, independent QSA to do a full-blown report on compliance audit.

Morris is a QSA and started at Weaver about eight years ago. A few years into his career, they had a client, a service provider, start getting asked by their customers if they knew anything about PCI and the report on compliance. At the time, they hadn’t done anything with it, but decided to figure it out. That morphed into Weaver diving headfirst into PCI.

“We help people with self-assessment questionnaires or SAQs and everything from full-on ROCs for Fortune 50 Cloud Providers to small merchants to SaaS solutions,” Morris said.

Follow us on social media for the latest updates in B2B!

Image

Latest

How Verizon Business Utilizes UGC for Sales Enablement
How Verizon Business Utilizes UGC for Sales Enablement
April 24, 2025

In this episode of UGC for B2B, host David Dabney welcomes Cesar Teran, Verizon’s Sales Enablement Lead for Channel, to explore how user-generated content (UGC) is transforming training and team engagement at Verizon Business. Cesar shares the journey of introducing UGC into Verizon’s training initiatives, emphasizing the importance of authenticity, collaboration, and celebrating contributions….

Read More
digital freight invoicing
ODeX Is Leading the Charge in Digital Freight Invoicing
April 24, 2025

Global shipping continues to grapple with fragmented billing processes, often delaying cargo movement. According to McKinsey, adopting an electronic bill of lading could save $6.5 billion in direct costs and enable $40 billion in global trade. As vessels carry goods for thousands of shippers per voyage, the administrative burden of managing and reconciling invoices…

Read More
Human Intelligence Movement
Just Thinking… about Reimagining Education for the AI Era with the Human Intelligence Movement
April 24, 2025

As artificial intelligence reshapes education, work, and daily life, educators are grappling with how to prepare students for a future where human skills—not just knowledge—will be paramount. In fact, a growing number of reports highlight that employers increasingly value collaboration, communication, and emotional intelligence over memorized content. Amid this transformation, the Human Intelligence Movement…

Read More
The Value of a Restoration Team with Healthcare Experience
The Value of a Restoration Team with Healthcare Experience
April 24, 2025

In this episode of Inside Restoration & Recovery, host Martha Lewis welcomes Jason McClaren, Director of Facilities Operations at Reunion Rehabilitation Hospitals, to discuss the critical advantage of partnering with a restoration team experienced in healthcare. A former firefighter and military veteran, Jason has spent the last decade managing safety, risk, and emergency preparedness…

Read More